Zero Day Monitor
Dashboard
Vulnerabilities
Trending
Zero-Days
News
Login
All types
CVE only
Pre-CVE only
CISA KEV only
All severities
Critical
High
Medium
Low
More filters
Trending
Newest
Urgent
Critical Only
103,455 vulnerabilities total
10.0
cisco ·
CVE-2026-20131 —
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an unauthenticated, remote attacker to execute arbitrary Java code as root o
KEV
secure_firewall_management_center
· CVSS 10.0
· CWE-502
81
2 articles
0
Mar 4, 2026
7.2
synacor ·
CVE-2025-66376 —
Zimbra Collaboration (ZCS) 10 before 10.0.18 and 10.1 before 10.1.13 allows Classic UI stored XSS via Cascading Style Sheets (CSS) @import directives in an HTML e-mail message.
KEV
zimbra_collaboration_suite
· CVSS 7.2
· CWE-79
71
1 articles
0
Jan 5, 2026
8.8
microsoft ·
CVE-2026-20963 —
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
KEV
sharepoint_server
· CVSS 8.8
· CWE-502
71
1 articles
0
Jan 13, 2026
8.8
apple ·
CVE-2025-31277 —
The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, watchOS 11.6, visionOS 2.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6. Processing maliciously c
KEV
safari
· CVSS 8.8
· CWE-119
71
1 articles
0
Jul 30, 2025
4.3
wftpserver ·
CVE-2025-47813 —
loginok.html in Wing FTP Server before 7.4.4 discloses the full local installation path of the application when using a long value in the UID cookie.
KEV
wing_ftp_server
· CVSS 4.3
· CWE-209
67
1 articles
0
Jul 10, 2025
7.5
ietf ·
CVE-2023-44487 —
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
KEV
http
· CVSS 7.5
· CWE-400
47
1 articles
0
Oct 10, 2023
7.5
cisco ·
CVE-2026-20128 —
A vulnerability in the Data Collection Agent (DCA) feature of Cisco Catalyst SD-WAN Manager could allow an unauthenticated, remote attacker to gain DCA user privileges on an affected system. This v
KEV
catalyst_sd-wan_manager
· CVSS 7.5
· CWE-257
44
1 articles
0
Feb 25, 2026
5.4
cisco ·
CVE-2026-20122 —
A vulnerability in the API of Cisco Catalyst SD-WAN Manager could allow an authenticated, remote attacker to overwrite arbitrary files on the local file system. To exploit this vulnerability, the atta
KEV
catalyst_sd-wan_manager
· CVSS 5.4
· CWE-648
42
1 articles
0
Feb 25, 2026
8.8
google ·
CVE-2026-4464 —
Integer overflow in ANGLE in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
chrome
· CVSS 8.8
· CWE-472
24
3 articles
0
Mar 20, 2026
8.8
google ·
CVE-2026-4454 —
Use after free in Network in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
chrome
· CVSS 8.8
· CWE-416
23
2 articles
0
Mar 20, 2026
8.8
google ·
CVE-2026-4444 —
Stack buffer overflow in WebRTC in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page. (Chromium security severity: High)
chrome
· CVSS 8.8
· CWE-121
23
2 articles
0
Mar 20, 2026
8.8
google ·
CVE-2026-4450 —
Out of bounds write in V8 in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
chrome
· CVSS 8.8
· CWE-787
23
2 articles
0
Mar 20, 2026
8.8
google ·
CVE-2026-4452 —
Integer overflow in ANGLE in Google Chrome on Windows prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Hig
chrome
· CVSS 8.8
· CWE-472
23
2 articles
0
Mar 20, 2026
8.8
google ·
CVE-2026-4449 —
Use after free in Blink in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
chrome
· CVSS 8.8
· CWE-416
23
2 articles
0
Mar 20, 2026
8.8
google ·
CVE-2026-4461 —
Inappropriate implementation in V8 in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
chrome
· CVSS 8.8
23
2 articles
0
Mar 20, 2026
8.8
google ·
CVE-2026-4458 —
Use after free in Extensions in Google Chrome prior to 146.0.7680.153 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chr
chrome
· CVSS 8.8
· CWE-416
23
2 articles
0
Mar 20, 2026
8.8
google ·
CVE-2026-4463 —
Heap buffer overflow in WebRTC in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
chrome
· CVSS 8.8
· CWE-122
23
2 articles
0
Mar 20, 2026
8.8
google ·
CVE-2026-4460 —
Out of bounds read in Skia in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)
chrome
· CVSS 8.8
· CWE-125
23
2 articles
0
Mar 20, 2026
8.8
google ·
CVE-2026-4441 —
Use after free in Base in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)
chrome
· CVSS 8.8
· CWE-416
23
2 articles
0
Mar 20, 2026
8.8
google ·
CVE-2026-4447 —
Inappropriate implementation in V8 in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: H
chrome
· CVSS 8.8
23
2 articles
0
Mar 20, 2026
Load more
